CLAIMS 



What is claimed is: 



1 1 . A method comprising: 

2 identifying a second network device at a first network device; 

3 sending a message from the first network device to the second network device, the message 

4 establishing the identity of any network device between the first network device and the second 

5 network device; 

6 compiling the established identities to determine the topology of the network. 

1 2. The method of Claim 1, wherein identifying the second network device comprises 

2 receiving an address of the second network device from a third network device. 

1 3. The method of Claim 1, wherein the first network device comprises a plurality of 

2 network interfaces, the method further comprising selecting an interface to the second device by 

3 sending a packet from each of the plurality of network interfaces to an address of the second network 

4 device and selecting an interface that corresponds to any reply received from the second network 

5 device. 

1 4. The method of Claim 3, wherein sending a packet from each of the plurality of 

2 network interfaces comprises sending a PING packet from each of the plurality of network 

3 interfaces. 
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1 5. The method of Claim 1 , wherein sending the message comprises sending a plurality 

2 of messages to the second network device, each message having an incrementally greater time to live 

3 until a message reaches the second network device. 

1 6. The method of Claim 1, wherein sending the message comprises executing a 

2 Traceroute utility at the first network device to determine the route of a packet between the first and 

3 second network device. 

1 7. The method of Claim 1, further comprising: 

2 identifying a third network device at the first network device; 

3 sending a message from the first network device to the third network device, the message 

4 establishing the identity of any network device between the first network device and the third 

5 network device. 

1 8. The method of Claim 1 , further comprising sending a packet to a third network device 

2 to provoke the third network device to identify an address corresponding to a port at which the 

3 packet was received and wherein compiling further comprises compiling the identified address. 

1 9. The method of Claim 1 , further comprising sending a packet to a third network device 



2 addressed to a port that does not exist on the third network device in order to provoke the third 

3 network device to send an error message to the first network device that identifies an address of the 

4 third network device corresponding to the port at which the packet was received and wherein 

5 compiling further comprises compiling the identified address. 

1 10. A machine-readable medium having stored thereon data representing sequences of 

2 instructions which, when executed by a machine, cause the machine to perform operations 

3 comprising: 
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4 identifying a second network device at a first network device; 

5 sending a message from the first network device to the second network device, the message 

6 establishing the identity of any network device between the first network device and the second 

7 network device; 

8 compiling the established identities to determine the topology of the network. 

1 11. The medium of Claim 1 0, wherein the instructions for identifying the second network 

2 device further comprise instructions which, when executed by the machine, cause the machine to 

3 perform further operations comprising receiving an address of the second network device from a 

4 third network device. 

1 12. The medium of Claim 10, wherein the first network device comprises a plurality of 



2 network interfaces, the instructions further comprising instructions which, when executed by the 

3 machine, cause the machine to perform further operations comprising selecting an interface to the 

4 second device by sending a packet from each of the plurality of network interfaces to an address of 



5 the second network device and selecting an interface that corresponds to any reply received from the 

6 second network device. 

1 13. The medium of Claim 10, wherein the instructions for sending the message further 

2 comprise instructions which, when executed by the machine, cause the machine to perform further 

3 operations comprising sending a plurality of messages to the second network device, each message 

4 having an incrementally greater time to live until a message reaches the second network device. 

1 14. The medium of Claim 1 0, further comprising instructions, when executed by the 

2 machine, cause the machine to perform further operations comprising: 

3 identifying a third network device at the first network device; 
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4 sending a message from the first network device to the third network device, the message 

5 establishing the identity of any network device between the first network device and the third 

6 network device. 

1 15. The medium of Claim 1 0, further comprising instructions which, when executed by 

2 the machine, cause the machine to perform further operations comprising sending a packet to a third 

3 network device to provoke the third network device to identify an address corresponding to a port at 

4 which the packet was received and wherein the instructions for compiling comprise further 

5 instructions which, when executed by the machine, cause the machine to perform further operations 

6 comprising compiling the identified address. 

1 1 6 . A method comprising : 

2 identifying a second network device at a first network device; 

3 sending a Traceroute message from the first network device to the second network device, to 

4 determine addresses of any network device between the first network device and the second network 

5 device; 

6 compiling the addresses to determine the topology of the network. 

1 17. The method of Claim 16, wherein identifying the second network device comprises 

2 receiving an identification of the second network device, including its address from a policy server. 

1 18. The method of Claim 1 6, wherein the first network device comprises a plurality of 

2 network interfaces, the method further comprising selecting an interface to the second device by 

3 sending a PING message from each of the plurality of network interfaces to an address of the second 

4 network device and selecting an interface that corresponds to any reply received to the PING 

5 message from the second network device. 
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1 19. The method of Claim 1 6, wherein the Traceroute message comprises a plurality of 

2 messages to the second network device, each message having an incrementally greater time to live 

3 until a message reaches the second network device. 

1 20. The method of Claim 16, further comprising sending a packet to a third network 

2 device addressed to a port that does not exist on the third network device in order to provoke the 

3 third network device to send an error message to the first network device that identifies an address of 

4 the third network device corresponding to the port at which the packet was received and wherein 

5 compiling further comprises compiling the identified address. 
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